Master in Information Security - MIS

Innledning

Information technology permeates all aspects of society and has become critical to industry, government, and individual well-being. Securing the vital services and structures and ensuring availability of trustworthy information whenever and wherever it is required has become a field of intensive interdisciplinary research in the recent years. At the same time, information security has become an area of extensive commercial activity with thousands of companies developing and marketing various data protection products. The Master in information security provides the students with knowledge and theoretical background, as well as with the skills and attitudes necessary to succeed in this challenging yet eminently rewarding field.

The goals of the study program are achieved through the research-based courses that reflect the research results of the teaching staff to a large extent. In such a way, the students are always offered top-quality courses through which they acquire knowledge that gives them many advantages in their careers.

The study program is closely related to the research community Norwegian Information Security Laboratory (NISlab), which also offers bachelor and PhD studies in information security. This research environment consists of professors that are active in research and internationally recognized as experts in their respective fields. NISlab is a member of Forum for Research and Innovation in Security and Communication (FRISC), a Norwegian network of institutions dedicated to cutting-edge research in information security. NISlab also has strong international relations and its collaboration network includes more than 20 research institutions worldwide.

Studiets varighet, omfang og nivå

This is a two-year master program (120 ECTS credits), which is also available part-time over three or four years. The degree awarded upon completion is “Master of Science in Information Security”.

The program has three tracks: Technology , Digital forensics , and Management . After the first semester, which is common to all the tracks (see the course structure below), the students have to choose which track they are going to pursue.

The program qualifies the students to proceed to Ph.D. studies.

Forventet læringsutbytte

Knowledge  

  • The candidate possesses advanced knowledge in the field of information security in general and the following particular topics: computer and network security, security management, incident response, security of critical information infrastructure and legal aspects of information security. The candidate possesses special insight and expertise in information security technology, digital forensics or security management, depending on the chosen program track.
  • The candidate possesses thorough knowledge of academic theory and methods in the field of information security.
  • The candidate is capable of applying knowledge in new areas within the field of information security.
  • The candidate is familiar with current state-of-the-art in the field of information security.
  • The candidate possesses thorough knowledge of scientific methodology, needed to plan and carry out research and development projects in the field of information security.

Skills  

  • The candidate is capable of analyzing existing theories, methods and interpretations of theories within the field of information security as well as solving theoretical and practical problems independently.
  • The candidate is capable of using independently relevant methods in research and development in the field of information security. These methods include literature study, logical reasoning and performing scientific experiments together with interpreting their results.
  • The candidate is capable of performing critical analysis of different information sources and applying the results of that analysis in academic reasoning and structuring and formulating scientific problems.
  • The candidate is capable of completing an independent research and development project of moderate size under supervision (example: the master thesis), adhering to the current code of ethics in scientific research.
  • The candidate is capable of carrying out a plan of a research project under supervision.

General competence  

  • The candidate is capable of analyzing academic, professional and research problems.
  • The candidate is capable of using knowledge and skills to carry out advanced tasks and projects.
  • The candidate is capable of imparting comprehensive independent work in the field of information security. The candidate also mastered the terminology in the field of information security.
  • The candidate is capable of communicating academic issues, analysis and conclusions both with experts in the field of information security and with the general audience.
  • The candidate is capable of contributing to innovation and innovation processes.

Internasjonalisering

The students are allowed to travel abroad to do their master theses. The information security group has strong links to many of the leading international academic groups within the field, and the students are encouraged to contact their instructors in the course «Research project planning» to ask for relevant travel opportunities.

Målgruppe

There are three focus groups for this study program:

  1. Undergraduate students entering the program as a continuation of their bachelor degree without any prior work experience.
  2. Industry students (or students in the private/public sector in general) looking for a full-time or part-time master program, which is flexible and can be adapted to their employers' needs and their own individual needs.
  3. International students: exchange students (arriving for a single semester only), full-time students, and part-time students.

Opptakskrav og rangering

To qualify for admission, an applicant must have a bachelor degree in computer science or another field relevant for information security (mathematics, electrical engineering, physics, etc.). The applicant must document that he/she has at least 10 ECTS credits in mathematics/statistics and at least 30 ECTS credits in computer science subjects (for example, computer programming, theory of algorithms, databases, computer networking, etc.) at the bachelor level. A grade point average (GPA) of at least C on the bachelor studies is required.

Graduate studies in information security require a somewhat different mathematical platform than the one included in most bachelor studies. To master the theoretical topics included in the master program we recommend that the students attend the consultancy sessions related to certain topics in the field of mathematics and computer science, organized occasionally during the course of the studies in the form of various seminars.

Studiets innhold, oppbygging og sammensetning

The program is offered in a flexible manner to fit well to all the three target groups of students. In general, on-campus presence is required  only three times per semester (1-3 days each time), for a start-up session, for mid-term exams/presentations (and a start-up session of the second part of the semester) and for final exams/presentations. All courses are available online, but there will also be sessions on a regular weekly or bi-weekly schedule. The presence on these sessions is not required.

The program has three tracks (paths of study): technology, digital forensics, and management. Students have to choose which track they pursue after the first semester, which is common for all the tracks. The common courses in the first semester cover the core topics in both information security technology, forensics and management: Cryptology 1, Applied information security, IT governance, Legal aspects of information security, Digital forensics 1, and Scientific methodology. In the rest of the study program, each track has a set of specific courses. Elective courses, taken in the 3rd semester, are freely chosen from a common pool of electives. The students have to choose their master thesis topics within their chosen tracks.

Ordinary mandatory courses from other tracks of the program and courses from the master program in media technology and the CIMET (Color in Informatics and Media Technology) master can be included as electives. Students can also use up to 20 ECTS of the courses at the 3000 level  as a part of their master program. These must however not be part of the necessary credits for admission – if so, they must be replaced by new credits. Some of the courses listed above can also be flexible regarding time, space and teaching format upon request by the students (typically, a course may be taken in a different semester through self-study and under individual or group supervision).

Master-level courses from other institutions can be included as electives or can substitute mandatory courses at the discretion of the program director.

The course structure for the part-time students can be composed individually as long the track-specific requirements mentioned above and any course inter-dependencies are respected. The most important course inter-dependencies are the following: 1. Students should start working on their master theses in the semester following the research project planning course, 2. All previous coursework has to be completed before starting work on the master thesis (an exception of 10 missing credits may be tolerated at the discretion of the director of the study program, but only if the missing credits are not relevant for the topic of the master thesis).

Study methods

  • Lectures
  •  Exercises
  • Project work
  • Essay/Article writing
  • Independent study
  • Group exercises
  • Lab exercises

In addition to the classical study methods requiring presence by the students, the Master program in information security makes extensive use of flexible distance study methods. Every course contains the whole study material in digital form available online, via a special system available to the students once enrolled in the program. Audio recordings of the lectures are available online in most subjects contained in the program and the number of subjects that use video recording of the lectures is increasing very fast as technical possibilities make this form of presentations possible. Video streaming of the lectures is also used, whenever technical possibilities allow this. Many subjects use online exams.

Tekniske forutsetninger

All the students admitted to the study program are required to use their own lap-top computers. The students that choose to participate in the study program as distance students, need in addition a broadband Internet connection. Software that is needed is mostly freely available on the Internet. In some courses, commercial products such as MatLab, are required.

As for the practical computer skills, it is expected that the students are capable of using any contemporary operating system (Microsoft Windows, GNU/Linux, MacOS, etc.) both with a graphical user interface and a command line interface.

Emnetabeller

Master in Information Security 2014-2016 Technology full-time track

Emnekode Emnets navn O/V *) Studiepoeng pr. semester
  S1(H) S2(V) S3(H) S4(V)
IMT4421 Scientific methodology O 5      
IMT4532 Cryptology 1 O 5      
IMT4561 Applied Information Security O 5      
IMT4571 IT Governance O 5      
IMT4591 Legal Aspects of Information Security O 5      
IMT4012 Digital Forensics 1 O 5      
IMT4152 Socio-technical Security Risk Modeling and Analysis 1 O   5    
IMT4582 Network Security O   5    
IMT4541 Foundations of Information Security O   5    
IMT4552 Cryptology 2 O   5    
IMT4621 Biometrics O   5    
IMT4122 Software Security Trends O   5    
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
IMT4601 Research Project Planning O     5 5
IMT4904 Master Thesis O       30
Sum: 30 30 30 30
*) O - Obligatorisk emne, V - Valgbare emne

Master in Information Security 2014-2016 Digital Forensics full-time track

Emnekode Emnets navn O/V *) Studiepoeng pr. semester
  S1(H) S2(V) S3(H) S4(V)
IMT4421 Scientific methodology O 5      
IMT4532 Cryptology 1 O 5      
IMT4561 Applied Information Security O 5      
IMT4571 IT Governance O 5      
IMT4591 Legal Aspects of Information Security O 5      
IMT4012 Digital Forensics 1 O 5      
IMT4612 Machine Learning and Pattern Recognition 1 O   5    
IMT4582 Network Security O   5    
IMT4641 Computational Forensics O   5    
IMT4022 Digital Forensics 2 O   10    
IMT4122 Software Security Trends O   5    
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
IMT4601 Research Project Planning O     5 5
IMT4904 Master Thesis O       30
Sum: 30 30 30 30
*) O - Obligatorisk emne, V - Valgbare emne

Master in Information Security 2014-2016 Management full-time track

Emnekode Emnets navn O/V *) Studiepoeng pr. semester
  S1(H) S2(V) S3(H) S4(V)
IMT4421 Scientific methodology O 5      
IMT4532 Cryptology 1 O 5      
IMT4561 Applied Information Security O 5      
IMT4571 IT Governance O 5      
IMT4591 Legal Aspects of Information Security O 5      
IMT4012 Digital Forensics 1 O 5      
IMT4152 Socio-technical Security Risk Modeling and Analysis 1 O   5    
IMT4582 Network Security O   5    
IMT4651 Security as Continuous Improvement O   5    
IMT4661 Security Management Dynamics O   5    
IMT4841 Security Planning and Incident Management O   10    
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
Valgemne, 5 ECTS V     5  
IMT4601 Research Project Planning O     5 5
IMT4904 Master Thesis O       30
Sum: 30 30 30 30
*) O - Obligatorisk emne, V - Valgbare emne

Master in Information Security 2014-2017 Technology part-time track (three years)

Emnekode Emnets navn O/V *) Studiepoeng pr. semester
  S1(H) S2(V) S3(H) S4(V) S5(H) S6(V)
IMT4421 Scientific methodology O 5          
IMT4532 Cryptology 1 O 5          
IMT4561 Applied Information Security O 5          
IMT4012 Digital Forensics 1 O 5          
IMT4152 Socio-technical Security Risk Modeling and Analysis 1 O   5        
IMT4582 Network Security O   5        
IMT4541 Foundations of Information Security O   5        
IMT4552 Cryptology 2 O   5        
IMT4591 Legal Aspects of Information Security O     5      
IMT4571 IT Governance O     5      
Valgemne, 5 ECTS V     5      
Valgemne, 5 ECTS V     5      
IMT4621 Biometrics O       5    
IMT4122 Software Security Trends O       5    
Valgemne, 5 ECTS V       5    
Valgemne, 5 ECTS V       5    
Valgemne, 5 ECTS V         5  
IMT4601 Research Project Planning O         5 5
IMT4904 Master Thesis O         10 20
Sum: 20 20 20 20 20 20
*) O - Obligatorisk emne, V - Valgbare emne

Master in Information Security 2014-2017 Digital Forensics part-time track (three years)

Emnekode Emnets navn O/V *) Studiepoeng pr. semester
  S1(H) S2(V) S3(H) S4(V) S5(H) S6(V)
IMT4421 Scientific methodology O 5          
IMT4532 Cryptology 1 O 5          
IMT4561 Applied Information Security O 5          
IMT4012 Digital Forensics 1 O 5          
IMT4612 Machine Learning and Pattern Recognition 1 O   5        
IMT4582 Network Security O   5        
IMT4641 Computational Forensics O   5        
IMT4122 Software Security Trends O   5        
IMT4591 Legal Aspects of Information Security O     5      
IMT4571 IT Governance O     5      
Valgemne, 5 ECTS V     5      
Valgemne, 5 ECTS V     5      
IMT4022 Digital Forensics 2 O       10    
Valgemne, 5 ECTS V       5    
Valgemne, 5 ECTS V       5    
Valgemne, 5 ECTS V         5  
IMT4601 Research Project Planning O         5 5
IMT4904 Master Thesis O         10 20
Sum: 20 20 20 20 20 20
*) O - Obligatorisk emne, V - Valgbare emne

Master in Information Security 2014-2017 Management part-time track (three years)

Emnekode Emnets navn O/V *) Studiepoeng pr. semester
  S1(H) S2(V) S3(H) S4(V) S5(H) S6(V)
IMT4421 Scientific methodology O 5          
IMT4532 Cryptology 1 O 5          
IMT4561 Applied Information Security O 5          
IMT4571 IT Governance O 5          
IMT4152 Socio-technical Security Risk Modeling and Analysis 1 O   5        
IMT4582 Network Security O   5        
IMT4651 Security as Continuous Improvement O   5        
IMT4661 Security Management Dynamics O   5        
IMT4591 Legal Aspects of Information Security O     5      
IMT4012 Digital Forensics 1 O     5      
Valgemne, 5 ECTS V     5      
Valgemne, 5 ECTS V     5      
IMT4841 Security Planning and Incident Management O       10    
Valgemne, 5 ECTS V       5    
Valgemne, 5 ECTS V       5    
Valgemne, 5 ECTS V         5  
IMT4601 Research Project Planning O         5 5
IMT4904 Master Thesis O         10 20
Sum: 20 20 20 20 20 20
*) O - Obligatorisk emne, V - Valgbare emne

Electives

*) O - Obligatorisk emne, V - Valgbare emne